The Kantara Initiative has been awarded multiple research grants valued at up to $2.4 million to develop three innovative digital identity and privacy solutions using smartphones including mobile device attribute verification, mobile authentication and physical access control.Lockstep Technologies, Gluu Inc., and Exponent Inc. are collaborating on the projects with Kantara and the Command, Control and Interoperability Center for Advanced Data Analysis (CCICADA) a research center at the Rutgers University funded by the US Department of Homeland Security Science & Technology Directorate. Each of the projects are multi-phase and are the first projects launched by the Kantara Identity and Privacy Incubator Program (KIPI).”Each of these projects being delivered under KIPI are pioneering new areas in digital identity, privacy and access control,” said Colin Wallis, executive director, Kantara Initiative. “The basis for each project is a unique re-configuration of emerging next generation standards and specifications delivered through mobile devices, like smartphones. The trend of leveraging the ubiquitous mobile device for digital identity solution continues to ramp worldwide. We are seeing a growing interest in incubator programs like KIPI.”The Mobile Device Attribute Verification (MDAV) by Lockstep Technologies, Australia, aims to deliver secure digitally-signed attributes on smartphones, assuring the validity and provenance of attributes, attribute sources and devices through the recasting of digital certificate policy.Potential applications include credentials for first responders, value added mobile driver's licenses, anonymous proof of age, clinical trial and e-health record confidentiality, electronic travel documentation, and privacy-enhanced national IDs.The Emergency Responder Authentication System for Mobile UserS (ERASMUS) by Gluu Inc, USA, involves the capability for multiple autonomous organizations to share up-to-date information about a person's identity, skills and authorizations is especially relevant in the emergency responder community, where state, local and federal government organizations need to collaborate both in person and online.The ERASMUS pilot will demonstrate how the services of a next generation identity federation can provide the tools and rules for distributed identity management. The pilot will also provide the first implementation of a Kantara standard currently under development: the Open Trust Taxonomy for Federation Operators (OTTO). Many applications critical to emergency responders could benefit from a more modern federated identity infrastructure, such as emergency response management collaboration tools, next generation mobile services, and computer aided dispatch. The pilot will showcase a mobile application that will demonstrate how such an infrastructure could be used for in person identity and skills verification.Finally, the Derived Credentials and NFC for Physical Access Control by Exponent Inc., USA, builds on a product Exponent has developed that leverages emerging next generation standards and specifications to enable a derived credential on an NFC-enabled phone to be used for physical access control.The employee uses the phone in the same way as their physical Personal Identity Verification (PIV) Card to access a building, but the phone implementation provides improved convenience as well as options for difficult use cases such as a lost/stolen card or temporary credentials for non-PIV Card holders. The project leverages the Opacity protocol to quickly establish encrypted communications and authenticate a holder of a derived credential in a few seconds for full cryptographic authentication, or under a half a second for lower-security applications such as transit. Exponent also extended the authentication process for full-secrecy, privacy enhanced phone-to-phone identity authentication over NFC.
Kantara granted $2.4m for digital ID, privacy solutions on smartphones
